Azure Traffic Manager with Application Gateway backends

4
votes

We have an architecture whereby we have a traffic manager in front of two Azure application gateways and configured based on Priority (closer proximity has higher priority). We are using Application Gateway for path based routing to multiple web apps. if one of the web apps (backend pool) under application gateways is down , traffic manager keeps directing the traffic to the same application gateway although the requests are failing. I am guessing traffic manager is only probing the default backend pool ? anyone knows how to configure the traffic manager in this case so it re-routes the traffic to second location when requests are failing in first priority locaiton ?

6
azurehigh-availabilityazure-traffic-managerazure-application-gateway
Are the IP address of Application gateway as the Endpoints for your Traffic manager?Wayne Yang

6 Answers

0
votes

Traffic Manager probes can take a path but I am assuming you have configured multiple paths for different webapps. What you are looking for is a setup where if a path is down, Traffic Manager should route to the second Application Gateway. This is difficult to setup unless you had a dedicated webapp which responds healthy/unhealthy status based off the aggregated health of all the path based webapps.

1
votes

To solve this problem use custom headers in traffic may endpoint. Header host:<< domain name >> should be added to endpoint. This will help appgateway to determine appropriate backend for health check.

0
votes

If the Endpoint for your Traffic manager is the IP address of Application gateway, the Traffic Manager will also get 200 OK status from the Application gateway.

Because that the machine or application in the application gateway backend pool is not detected by Traffic manager. the probe of Traffic manager only detects the endpoint configured in itself. If the Application gateway works well, it will route the traffic to that gateway as normal.

0
votes

I'm literally battling with the same problem.

My App Gateway has URL based listeners for each of the websites beneath it based around the URL of the request. I have one for HTTP and another for HTTPS, both around the same publically exposed DNS name.

I think the solution to this issue is to add a 3rd listener but this will use the traffic manager host name. This way, the request will come to the app gateway and it will then match a known URL and make its way down to the website beneath the gateway.

Otherwise the monitor will only be polling the gateway status and will 'always' return a known HTTP status code.

0
votes

With your scenario, only when the both endpoints/Web App which is added to the backend of the Application Gateway fails, the traffic will be switched to the Application Gateway in other location as the Traffic Manager probes will be successful as long as Application gateway responds with a 200 OK.

0
votes

Add a separate Application Gateway for each application. This would be a costly solution but will address your concern without changing architecture.